THE WHITE HOUSE

Office of the Press Secretary

For Immediate Release -- April 17, 1995

EXECUTIVE ORDER 12958

CLASSIFIED NATIONAL SECURITY INFORMATION

This order prescribes a uniform system for classifying,
safeguarding, and declassifying national security information. Our
democratic principles require that the American people be informed of
the activities of their Government. Also, our Nation's progress
depends on the free flow of information. Nevertheless, throughout our
history, the national interest has required that certain information be
maintained in confidence in order to protect our citizens, our
democratic institutions, and our participation within the community of
nations. Protecting information critical to our Nation's security
remains a priority. In recent years, however, dramatic changes have
altered, although not eliminated, the national security threats that we
confront. These changes provide a greater opportunity to emphasize our
commitment to open Government.

NOW, THEREFORE, by the authority vested in me as President by the
Constitution and the laws of the United States of America, it is hereby
ordered as follows:

PART 1 ORIGINAL CLASSIFICATION

Section 1.1. Definitions. For purposes of this order:

(a) "National security" means the national defense or foreign
relations of the United States.

(b) "Information" means any knowledge that can be communicated or
documentary material, regardless of its physical form or
characteristics, that is owned by, produced by or for, or is under the
control of the United States Government. "Control" means the authority
of the agency that originates information, or its successor in function,
to regulate access to the information.

(c) "Classified national security information" (hereafter
"classified information") means information that has been determined
pursuant to this order or any predecessor order to require protection
against unauthorized disclosure and is marked to indicate its classified
status when in documentary form.

(d) "Foreign Government Information" means:

(1) information provided to the
United States Government by a foreign
government or governments, an international
organization of governments, or any element
thereof, with the expectation that the
information, the source of the information,
or both, are to be held in confidence;

(2) information produced by the
United States pursuant to or as a result
of a joint arrangement with a foreign
government or governments, or an
international organization of governments,
or any element thereof, requiring that the
information, the arrangement, or both, are
to be held in confidence; or

(3) information received and treated as
"Foreign Government Information" under the
terms of a predecessor order.

(e) "Classification" means the act or process by which information
is determined to be classified information.

(f) "Original classification" means an initial determination that
information requires, in the interest of national security, protection
against unauthorized disclosure.

(g) "Original classification authority" means an individual
authorized in writing, either by the President, or by agency heads or
other officials designated by the President, to classify information in
the first instance.

(h) "Unauthorized disclosure" means a communication or physical
transfer of classified information to an unauthorized recipient.

(i) "Agency" means any "Executive agency," as defined in 5 U.S.C.
105, and any other entity within the executive branch that comes into
the possession of classified information.

(j) "Senior agency official" means the official designated by the
agency head under section 5.6(c) of this order to direct and administer
the agency's program under which information is classified, safeguarded,
and declassified.

(k) "Confidential source" means any individual or organization that
has provided, or that may reasonably be expected to provide, information
to the United States on matters pertaining to the national security with
the expectation that the information or relationship, or both, are to be
held in confidence.

(l) "Damage to the national security" means harm to the national
defense or foreign relations of the United States from the unauthorized
disclosure of information, to include the sensitivity, value, and
utility of that information.

Sec. 1.2. Classification Standards. (a) Information may be
originally classified under the terms of this order only if all of the
following conditions are met:

(1) an original classification authority
is classifying the information;

(2) the information is owned by, produced
by or for, or is under the control of the
United States Government;

(3) the information falls within one or
more of the categories of information
listed in section 1.5 of this order; and

(4) the original classification authority
determines that the unauthorized disclosure
of the information reasonably could be
expected to result in damage to the
national security and the original
classification authority is able to
identify or describe the damage.

(b) If there is significant doubt about the need to classify
information, it shall not be classified. This provision does not:

(1) amplify or modify the substantive
criteria or procedures for classification;
or

(c) Classified information shall not be declassified automatically
as a result of any unauthorized disclosure of identical or similar
information.

Sec. 1.3. Classification Levels. (a) Information may be
classified at one of the following three levels:

(1) "Top Secret" shall be applied to
information, the unauthorized disclosure of
which reasonably could be expected to cause
exceptionally grave damage to the national
security that the original classification
authority is able to identify or describe.

(2) "Secret" shall be applied to
information, the unauthorized disclosure of
which reasonably could be expected to cause
serious damage to the national security
that the original classification authority
is able to identify or describe.

(3) "Confidential" shall be applied to
information, the unauthorized disclosure of
which reasonably could be expected to cause
damage to the national security that the
original classification authority is able
to identify or describe.

(b) Except as otherwise provided by statute, no other terms shall
be used to identify United States classified information.

(c) If there is significant doubt about the appropriate level of
classification, it shall be classified at the lower level.

Sec. 1.4. Classification Authority. (a) The authority to classify
information originally may be exercised only by:

(1) the President;

(2) agency heads and officials designated
by the President in the Federal Register;
or

(3) United States Government officials delegated this
authority pursuant to paragraph (c), below.

(b) Officials authorized to classify information at a specified
level are also authorized to classify information at a lower level.

(c) Delegation of original classification authority.

(1) Delegations of original classification
authority shall be limited to the minimum
required to administer this order. Agency
heads are responsible for ensuring that
designated subordinate officials have a
demonstrable and continuing need
to exercise this authority.

(2) "Top Secret" original classification
authority may be delegated only by the
President or by an agency head or official
designated pursuant to paragraph (a)(2),
above.

(3) "Secret" or "Confidential" original
classification authority may be delegated
only by the President; an agency head or
official designated pursuant to
paragraph (a)(2), above; or the senior
agency official, provided that official has
been delegated "Top Secret" original
classification authority by the agency
head.

(4) Each delegation of original
classification authority shall be in
writing and the authority shall not be
redelegated except as provided in this
order. Each delegation shall identify the
official by name or position title.

(d) Original classification authorities must receive training in
original classification as provided in this order and its implementing
directives.

(e) Exceptional cases. When an employee, contractor, licensee,
certificate holder, or grantee of an agency that does not have original
classification authority originates information believed by that person
to require classification, the information shall be protected in a
manner consistent with this order and its implementing directives. The
information shall be transmitted promptly as provided under this order
or its implementing directives to the agency that has appropriate
subject matter interest and classification authority with respect to
this information. That agency shall decide within 30 days whether to
classify this information. If it is not clear which agency has
classification responsibility for this information, it shall be sent to
the Director of the Information Security Oversight Office. The Director
shall determine the agency having primary subject matter interest and
forward the information, with appropriate recommendations, to that
agency for a classification determination.

Sec. 1.5. Classification Categories.

Information may not be considered for classification unless it
concerns:

(d) foreign relations or foreign activities of the United States,
including confidential sources;

(e) scientific, technological, or economic matters relating to the
national security;

(f) United States Government programs for safeguarding nuclear
materials or facilities; or

(g) vulnerabilities or capabilities of systems, installations,
projects or plans relating to the national security.

Sec. 1.6. Duration of Classification. (a) At the time of original
classification, the original classification authority shall attempt to
establish a specific date or event for declassification based upon the
duration of the national security sensitivity of the information. The
date or event shall not exceed the time frame in paragraph (b), below.

(b) If the original classification authority cannot determine an
earlier specific date or event for declassification, information shall
be marked for declassification 10 years from the date of the original
decision, except as provided in paragraph (d), below.

(c) An original classification authority may extend the duration of
classification or reclassify specific information for successive periods
not to exceed 10 years at a time if such action is consistent with the
standards and procedures established under this order. This provision
does not apply to information contained in records that are more than 25
years old and have been determined to have permanent historical value
under title 44, United States Code.

(d) At the time of original classification, the original
classification authority may exempt from declassification within 10
years specific information, the unauthorized disclosure of which could
reasonably be expected to cause damage to the national security for a
period greater than that provided in paragraph (b), above, and the
release of which could reasonably be expected to:

(1) reveal an intelligence source, method,
or activity, or a cryptologic system or
activity;

(2) reveal information that would assist
in the development or use of weapons of
mass destruction;

(3) reveal information that would impair
the development or use of technology within
a United States weapons system;

(4) reveal United States military plans,
or national security emergency preparedness
plans;

(5) reveal foreign government information;

(6) damage relations between the
United States and a foreign government,
reveal a confidential source, or seriously
undermine diplomatic activities that are
reasonably expected to be ongoing for a
period greater than that provided in
paragraph (b), above;

(7) impair the ability of responsible
United States Government officials to
protect the President, the Vice President,
and other individuals for whom protection
services, in the interest of national
security, are authorized; or

(8) violate a statute, treaty, or
international agreement.

(e) Information marked for an indefinite duration of
classification under predecessor orders, for example, "Originating
Agency's Determination Required," or information classified under
predecessor orders that contains no declassification instructions shall
be declassified in accordance with part 3 of this order.

Sec. 1.7. Identification and Markings. (a) At the time of
original classification, the following shall appear on the face of each
classified document, or shall be applied to other classified media in an
appropriate manner:

(1) one of the three classification levels
defined in section 1.3 of this order;

(2) the identity, by name or personal
identifier and position, of the original
classification authority;

(3) the agency and office of origin, if
not otherwise evident;

(4) declassification instructions, which
shall indicate one of the following:

(A) the date or event for
declassification, as prescribed in
section 1.6(a) or section 1.6(c); or

(B) the date that is 10 years from
the date of original classification,
as prescribed in section 1.6(b); or

(C) the exemption category from
declassification, as prescribed in
section 1.6(d); and

(5) a concise reason for classification
which, at a minimum, cites the applicable
classification categories in section 1.5 of
this order.

(b) Specific information contained in paragraph (a), above, may be
excluded if it would reveal additional classified information.

(c) Each classified document shall, by marking or other means,
indicate which portions are classified, with the applicable
classification level, which portions are exempt from declassification
under section 1.6(d) of this order, and which portions are unclassified.
In accordance with standards prescribed in directives issued under this
order, the Director of the Information Security Oversight Office may
grant waivers of this requirement for specified classes of documents or
information. The Director shall revoke any waiver upon a finding of
abuse.

(d) Markings implementing the provisions of this order, including
abbreviations and requirements to safeguard classified working papers,
shall conform to the standards prescribed in implementing directives
issued pursuant to this order.

(e) Foreign government information shall retain its original
classification markings or shall be assigned a U.S. classification that
provides a degree of protection at least equivalent to that required by
the entity that furnished the information.

(f) Information assigned a level of
classification under this or predecessor orders shall
be considered as classified at that level of
classification despite the omission of other required
markings. Whenever such information is used in the
derivative classification process or is reviewed for
possible declassification, holders of such
information shall coordinate with an appropriate
classification authority for the application of
omitted markings.

(g) The classification authority shall, whenever practicable, use a
classified addendum whenever classified information constitutes a small
portion of an otherwise unclassified document.

Sec. 1.8. Classification Prohibitions and Limitations.

(a) In no case shall information be classified in order to:

(1) conceal violations of law,
inefficiency, or administrative error;

(2) prevent embarrassment to a person,
organization, or agency;

(3) restrain competition; or

(4) prevent or delay the release of
information that does not require
protection in the interest of national
security.

(b) Basic scientific research information not clearly related to
the national security may not be classified.

(c) Information may not be reclassified after it has been
declassified and released to the public under proper authority.

(d) Information that has not previously been disclosed to the
public under proper authority may be classified or reclassified after an
agency has received a request for it under the Freedom of Information
Act (5 U.S.C. 552) or the Privacy Act of 1974 (5 U.S.C. 552a), or the
mandatory review provisions of section 3.6 of this order only if such
classification meets the requirements of this order and is accomplished
on a document-by-document basis with the personal participation or under
the direction of the agency head, the deputy agency head, or the senior
agency official designated under section 5.6 of this order. This
provision does not apply to classified information contained in records
that are more than 25 years old and have been determined to have
permanent historical value under title 44, United States Code.

(e) Compilations of items of information which are individually
unclassified may be classified if the compiled information reveals an
additional association or relationship that:

(1) meets the standards for classification
under this order; and

(2) is not otherwise revealed in the
individual items of information.

As used in this order, "compilation" means an aggregation of
pre-existing unclassified items of information.

Sec. 1.9. Classification Challenges. (a)
Authorized holders of information who, in good faith,
believe that its classification status is improper
are encouraged and expected to challenge the
classification status of the information in
accordance with agency procedures established under
paragraph (b), below.

(b) In accordance with implementing directives issued pursuant to
this order, an agency head or senior agency official shall establish
procedures under which authorized holders of information are encouraged
and expected to challenge the classification of information that they
believe is improperly classified or unclassified. These procedures
shall assure that:

(1) individuals are not subject to
retribution for bringing such actions;

(2) an opportunity is provided for review
by an impartial official or panel; and

(3) individuals are advised of their right
to appeal agency decisions to the
Interagency Security Classification Appeals
Panel established by section 5.4 of this
order.

PART 2 DERIVATIVE CLASSIFICATION

Sec. 2.1. Definitions. For purposes of this order: (a)
"Derivative classification" means the incorporating, paraphrasing,
restating or generating in new form information that is already
classified, and marking the newly developed material consistent with the
classification markings that apply to the source information.
Derivative classification includes the classification of information
based on classification guidance. The duplication or reproduction of
existing classified information is not derivative classification.

(b) "Classification guidance" means any instruction or source that
prescribes the classification of specific information.

(c) "Classification guide" means a documentary form of
classification guidance issued by an original classification authority
that identifies the elements of information regarding a specific subject
that must be classified and establishes the level and duration of
classification for each such element.

(d) "Source document" means an existing document that contains
classified information that is incorporated, paraphrased, restated, or
generated in new form into a new document.

(e) "Multiple sources" means two or more source documents,
classification guides, or a combination of both.

Sec. 2.2. Use of Derivative Classification. (a) Persons who only
reproduce, extract, or summarize classified information, or who only
apply classification markings derived from source material or as
directed by a classification guide, need not possess original
classification authority.

(b) Persons who apply derivative classification
markings shall:

(1) observe and respect original
classification decisions; and

(2) carry forward to any newly created
documents the pertinent classification
markings. For information derivatively
classified based on multiple sources, the
derivative classifier shall carry forward:

(A) the date or event for
declassification that corresponds to
the longest period of classification
among the sources; and

(B) a listing of these sources on or
attached to the official file or
record copy.

(1) the occurrence of a specific date or
event as determined by the original
classification authority; or

(2) the expiration of a maximum time frame
for duration of classification established
under this order.

(c) "Declassification authority" means:

(1) the official who authorized the
original classification, if that official
is still serving in the same position;

(2) the originator's current successor in
function;

(3) a supervisory official of either; or

(4) officials delegated declassification
authority in writing by the agency head or
the senior agency official.

(d) "Mandatory declassification review" means
the review for declassification of classified
information in response to a request for
declassification that meets the requirements under
section 3.6 of this order.

(e) "Systematic declassification review" means the review for
declassification of classified information contained in records that
have been determined by the Archivist of the United States ("Archivist")
to have permanent historical value in accordance with chapter 33 of
title 44, United States Code.

(f) "Declassification guide" means written instructions issued by a
declassification authority that describes the elements of information
regarding a specific subject that may be declassified and the elements
that must remain classified.

(g) "Downgrading" means a determination by a declassification
authority that information classified and safeguarded at a specified
level shall be classified and safeguarded at a lower level.

(h) "File series" means documentary material, regardless of its
physical form or characteristics, that is arranged in accordance with a
filing system or maintained as a unit because it pertains to the same
function or activity.

Sec. 3.2. Authority for Declassification. (a) Information shall
be declassified as soon as it no longer meets the standards for
classification under this order.

(b) It is presumed that information that continues to meet the
classification requirements under this order requires continued
protection. In some exceptional cases, however, the need to protect
such information may be outweighed by the public interest in disclosure
of the information, and in these cases the information should be
declassified. When such questions arise, they shall be referred to the
agency head or the senior agency official. That official will
determine, as an exercise of discretion, whether the public interest in
disclosure outweighs the damage to national security that might
reasonably be expected from disclosure. This provision does not:

(1) amplify or modify the substantive
criteria or procedures for classification;
or

(c) If the Director of the Information Security Oversight Office
determines that information is classified in violation of this order,
the Director may require the information to be declassified by the
agency that originated the classification. Any such decision by the
Director may be appealed to the President through the Assistant to the
President for National Security Affairs. The information shall remain
classified pending a prompt decision on the appeal.

(d) The provisions of this section shall also apply to agencies
that, under the terms of this order, do not have original classification
authority, but had such authority under predecessor orders.
Sec. 3.3. Transferred Information. (a) In the case of classified
information transferred in conjunction with a transfer of functions,
and not merely for storage purposes, the receiving agency shall be
deemed to be the originating agency for purposes of this order.

(b) In the case of classified information that is not officially
transferred as described in paragraph (a), above, but that originated
in an agency that has ceased to exist and for which there is no
successor agency, each agency in possession of such information shall
be deemed to be the originating agency for purposes of this order.
Such information may be declassified or downgraded by the agency in
possession after consultation with any other agency that has an
interest in the subject matter of the information.

(c) Classified information accessioned into the National Archives
and Records Administration ("National Archives") as of the effective
date of this order shall be declassified or downgraded by the Archivist
in accordance with this order, the directives issued pursuant to this
order, agency declassification guides, and any existing procedural
agreement between the Archivist and the relevant agency head.

(d) The originating agency shall take all reasonable steps to
declassify classified information contained in records determined to
have permanent historical value before they are accessioned into the
National Archives. However, the Archivist may require that records
containing classified information be accessioned into the National
Archives when necessary to comply with the provisions of the Federal
Records Act. This provision does not apply to information being
transferred to the Archivist pursuant to section 2203 of title 44,
United States Code, or information for which the National Archives and
Records Administration serves as the custodian of the records of an
agency or organization that goes out of existence.

(e) To the extent practicable, agencies shall adopt a system of
records management that will facilitate the public release of documents
at the time such documents are declassified pursuant to the provisions
for automatic declassification in sections 1.6 and 3.4 of this order.

Sec. 3.4. Automatic Declassification. (a) Subject to paragraph
(b), below, within 5 years from the date of this order, all classified
information contained in records that (1) are more than 25 years old,
and (2) have been determined to have permanent historical value under
title 44, United States Code, shall be automatically declassified
whether or not the records have been reviewed. Subsequently, all
classified information in such records shall be automatically
declassified no longer than 25 years from the date of its original
classification, except as provided in paragraph (b), below.

(b) An agency head may exempt from automatic declassification under
paragraph (a), above, specific information, the release of which should
be expected to:

(1) reveal the identity of a confidential
human source, or reveal information about
the application of an intelligence source
or method, or reveal the identity of a
human intelligence source when the
unauthorized disclosure of that source
would clearly and demonstrably damage the
national security interests of the
United States;

(2) reveal information that would assist
in the development or use of weapons of
mass destruction;

(3) reveal information that would impair
U.S. cryptologic systems or activities;

(4) reveal information that would impair
the application of state of the art
technology within a U.S. weapon system;

(5) reveal actual U.S. military war plans
that remain in effect;

(6) reveal information that would
seriously and demonstrably impair relations
between the United States and a foreign
government, or seriously and demonstrably
undermine ongoing diplomatic activities of
the United States;

(7) reveal information that would clearly
and demonstrably impair the current ability
of United States Government officials to
protect the President, Vice President, and
other officials for whom protection
services, in the interest of national
security, are authorized;

(8) reveal information that would
seriously and demonstrably impair current
national security emergency preparedness
plans; or

(9) violate a statute, treaty, or
international agreement.

(c) No later than the effective date of this order, an agency head
shall notify the President through the Assistant to the President for
National Security Affairs of any specific file series of records for
which a review or assessment has determined that the information within
those file series almost invariably falls within one or more of the
exemption categories listed in paragraph (b), above, and which the
agency proposes to exempt from automatic declassification. The
notification shall include:

(1) a description of the file series;

(2) an explanation of why the information
within the file series is almost invariably
exempt from automatic declassification and
why the information must remain classified
for a longer period of time; and

(3) except for the identity of a
confidential human source or a human
intelligence source, as provided in
paragraph (b), above, a specific date or
event for declassification of the
information.

The President may direct the agency head not to exempt the file series
or to declassify the information within that series at an earlier date
than recommended.

(d) At least 180 days before information is automatically
declassified under this section, an agency head or senior agency
official shall notify the Director of the Information Security Oversight
Office, serving as Executive Secretary of the Interagency Security
Classification Appeals Panel, of any specific information beyond that
included in a notification to the President under paragraph (c), above,
that the agency proposes to exempt from automatic declassification. The
notification shall include:

(1) a description of the information;

(2) an explanation of why the information
is exempt from automatic declassification
and must remain classified for a longer
period of time; and

(3) except for the identity of a
confidential human source or a human
intelligence source, as provided in
paragraph (b), above, a specific date or
event for declassification of the
information. The Panel may direct the
agency not to exempt the information or to
declassify it at an earlier date than
recommended. The agency head may appeal
such a decision to the President through
the Assistant to the President for National
Security Affairs. The information will
remain classified while such an appeal is
pending.

(e) No later than the effective date of this order, the agency head
or senior agency official shall provide the Director of the Information
Security Oversight Office with a plan for compliance with the
requirements of this section, including the establishment of interim
target dates. Each such plan shall include the requirement that the
agency declassify at least 15 percent of the records affected by this
section no later than 1 year from the effective date of this order, and
similar commitments for subsequent years until the effective date for
automatic declassification.

(f) Information exempted from automatic declassification under this
section shall remain subject to the mandatory and systematic
declassification review provisions of this order.

(g) The Secretary of State shall determine when the United States
should commence negotiations with the appropriate officials of a foreign
government or international organization of governments to modify any
treaty or international agreement that requires the classification of
information contained in records affected by this section for a period
longer than 25 years from the date of its creation, unless the treaty or
international agreement pertains to information that may otherwise
remain classified beyond 25 years under this section.

Sec. 3.5. Systematic Declassification Review. (a) Each agency
that has originated classified information under this order or its
predecessors shall establish and conduct a program for systematic
declassification review. This program shall apply to historically
valuable records exempted from automatic declassification under section
3.4 of this order. Agencies shall prioritize the systematic review of
records based upon:

(1) recommendations of the Information
Security Policy Advisory Council,
established in section 5.5 of this order,
on specific subject areas for systematic
review concentration; or

(2) the degree of researcher interest and
the likelihood of declassification upon
review.

(b) The Archivist of the shall conduct a systematic
declassification review program for classified information: (1)
accessioned into the National Archives as of the effective date of this
order; (2) information transferred to the Archivist pursuant to section
2203 of title 44, United States Code; and (3) information for which the
National Archives and Records Administration serves as the custodian of
the records of an agency or organization that has gone out of existence.
This program shall apply to pertinent records no later than 25 years
from the date of their creation. The Archivist shall establish
priorities for the systematic review of these records based upon the
recommendations of the Information Security Policy Advisory Council; or
the degree of researcher interest and the likelihood of declassification
upon review. These records shall be reviewed in accordance with the
standards of this order, its implementing directives, and
declassification guides provided to the Archivist by each agency that
originated the records. The Director of the Information Security
Oversight Office shall assure that agencies provide the Archivist with
adequate and current declassification guides.

(c) After consultation with affected agencies, the Secretary of
Defense may establish special procedures for systematic review for
declassification of classified cryptologic information, and the Director
of Central Intelligence may establish special procedures for systematic
review for declassification of classified information pertaining to
intelligence activities (including special activities), or intelligence
sources or methods.

Sec. 3.6. Mandatory Declassification Review. (a) Except as
provided in paragraph (b), below, all information classified under this
order or predecessor orders shall be subject to a review for
declassification by the originating agency if:

(1) the request for a review describes the
document or material containing the
information with sufficient specificity to
enable the agency to locate it with a
reasonable amount of effort;

(2) the information is not exempted from
search and review under the Central
Intelligence Agency Information Act; and

(3) the information has not been reviewed
for declassification within the past
2 years. If the agency has reviewed the
information within the past 2 years, or the
information is the subject of pending
litigation, the agency shall inform the
requester of this fact and of the
requester's appeal rights.

(b) Information originated by:

(1) the incumbent President;

(2) the incumbent President's White House
Staff;

(3) committees, commissions, or boards
appointed by the incumbent President; or

(4) other entities within the Executive
Office of the President that solely advise
and assist the incumbent President is
exempted from the provisions of
paragraph (a), above. However, the
Archivist shall have the authority to
review, downgrade, and declassify
information of former Presidents under the
control of the Archivist pursuant to
sections 2107, 2111, 2111 note, or 2203 of
title 44, United States Code. Review
procedures developed by the Archivist shall
provide for consultation with agencies
having primary subject matter interest and
shall be consistent with the provisions of
applicable laws or lawful agreements that
pertain to the respective Presidential
papers or records. Agencies with primary
subject matter interest shall be notified
promptly of the Archivist's decision. Any
final decision by the Archivist may be
appealed by the requester or an agency to
the Interagency Security Classification
Appeals Panel. The information shall
remain classified pending a prompt decision
on the appeal.

(c) Agencies conducting a mandatory review for declassification
shall declassify information that no longer meets the standards for
classification under this order. They shall release this information
unless withholding is otherwise authorized and warranted under
applicable law.

(d) In accordance with directives issued pursuant to this order,
agency heads shall develop procedures to process requests for the
mandatory review of classified information. These procedures shall
apply to information classified under this or predecessor orders. They
also shall provide a means for administratively appealing a denial of a
mandatory review request, and for notifying the requester of the right
to appeal a final agency decision to the Interagency Security
Classification Appeals Panel.

(e) After consultation with affected agencies, the Secretary of
Defense shall develop special procedures for the review of cryptologic
information, the Director of Central Intelligence shall develop special
procedures for the review of information pertaining to intelligence
activities (including special activities), or intelligence sources or
methods, and the Archivist shall develop special procedures for the
review of information accessioned into the National Archives.

Sec. 3.7. Processing Requests and Reviews. In response to a
request for information under the Freedom of Information Act, the
Privacy Act of 1974, or the mandatory review provisions of this order,
or pursuant to the automatic declassification or systematic review
provisions of this order:

(a) An agency may refuse to confirm or deny the existence or
nonexistence of requested information whenever the fact of its existence
or nonexistence is itself classified under this order.

(b) When an agency receives any request for documents in its
custody that contain information that was originally classified by
another agency, or comes across such documents in the process of the
automatic declassification or systematic review provisions of this
order, it shall refer copies of any request and the pertinent documents
to the originating agency for processing, and may, after consultation
with the originating agency, inform any requester of the referral unless
such association is itself classified under this order. In cases in
which the originating agency determines in writing that a response under
paragraph (a), above, is required, the referring agency shall respond to
the requester in accordance with that paragraph.

Sec. 3.8. Declassification Database. (a) The Archivist in
conjunction with the Director of the Information Security Oversight
Office and those agencies that originate classified information, shall
establish a Governmentwide database of information that has been
declassified. The Archivist shall also explore other possible uses of
technology to facilitate the declassification process.

(b) Agency heads shall fully cooperate with the Archivist in these
efforts.

(c) Except as otherwise authorized and warranted by law, all
declassified information contained within the database established under
paragraph (a), above, shall be available to the public.

PART 4 SAFEGUARDING

Sec. 4.1. Definitions. For purposes of this order: (a)
"Safeguarding" means measures and controls that are prescribed to
protect classified information.

(b) "Access" means the ability or opportunity to gain knowledge of
classified information.

(c) "Need-to-know" means a determination made by an authorized
holder of classified information that a prospective recipient requires
access to specific classified information in order to perform or assist
in a lawful and authorized governmental function.

(e) "Integrity" means the state that exists when information is
unchanged from its source and has not been accidentally or intentionally
modified, altered, or destroyed.

(f) "Network" means a system of two or more computers that can
exchange data or information.

(g) "Telecommunications" means the preparation, transmission, or
communication of information by electronic means.

(h) "Special access program" means a program established for a
specific class of classified information that imposes safeguarding and
access requirements that exceed those normally required for information
at the same classification level.

Sec. 4.2. General Restrictions on Access. (a) A person may have
access to classified information provided that:

(1) a favorable determination of
eligibility for access has been made by an
agency head or the agency head's designee;

(2) the person has signed an approved
nondisclosure agreement; and

(3) the person has a need-to-know the
information.

(b) Classified information shall remain under the control of the
originating agency or its successor in function. An agency shall not
disclose information originally classified by another agency without its
authorization. An official or employee leaving agency service may not
remove classified information from the agency's control.

(c) Classified information may not be removed from official
premises without proper authorization.

(d) Persons authorized to disseminate classified information
outside the executive branch shall assure the protection of the
information in a manner equivalent to that provided within the executive
branch.

(e) Consistent with law, directives, and regulation, an agency head
or senior agency official shall establish uniform procedures to ensure
that automated information systems, including networks and
telecommunications systems, that collect, create, communicate, compute,
disseminate, process, or store classified information have controls
that:

(1) prevent access by unauthorized
persons; and

(2) ensure the integrity of the
information.

(f) Consistent with law, directives, and regulation, each agency
head or senior agency official shall establish controls to ensure that
classified information is used, processed, stored, reproduced,
transmitted, and destroyed under conditions that provide adequate
protection and prevent access by unauthorized persons.

(g) Consistent with directives issued pursuant to this order, an
agency shall safeguard foreign government information under standards
that provide a degree of protection at least equivalent to that required
by the government or international organization of governments that
furnished the information. When adequate to achieve equivalency, these
standards may be less restrictive than the safeguarding standards that
ordinarily apply to United States "Confidential" information, including
allowing access to individuals with a need-to-know who have not
otherwise been cleared for access to classified information or executed
an approved nondisclosure agreement.

(h) Except as provided by statute or directives issued pursuant to
this order, classified information originating in one agency may not be
disseminated outside any other agency to which it has been made
available without the consent of the originating agency. An agency head
or senior agency official may waive this requirement for specific
information originated within that agency. For purposes of this
section, the Department of Defense shall be considered one agency.

Sec. 4.3. Distribution Controls. (a) Each agency shall establish
controls over the distribution of classified information to assure that
it is distributed only to organizations or individuals eligible for
access who also have a need-to-know the information.

(b) Each agency shall update, at least annually, the automatic,
routine, or recurring distribution of classified information that they
distribute. Recipients shall cooperate fully with distributors who are
updating distribution lists and shall notify distributors whenever a
relevant change in status occurs.

Sec. 4.4. Special Access Programs. (a) Establishment of special
access programs. Unless otherwise authorized by the President, only the
Secretaries of State, Defense and Energy, and the Director of Central
Intelligence, or the principal deputy of each, may create a special
access program. For special access programs pertaining to intelligence
activities (including special activities, but not including military
operational, strategic and tactical programs), or intelligence sources
or methods, this function will be exercised by the Director of Central
Intelligence. These officials shall keep the number of these programs
at an absolute minimum, and shall establish them only upon a specific
finding that:

(1) the vulnerability of, or threat to,
specific information is exceptional; and

(2) the normal criteria for determining
eligibility for access applicable to
information classified at the same level
are not deemed sufficient to protect the
information from unauthorized disclosure;
or

(3) the program is required by statute.

(b) Requirements and Limitations.

(1) Special access programs
shall be limited to programs in which the number of persons who will
have access ordinarily will be reasonably small and commensurate with
the objective of providing enhanced protection for the information
involved.

(2) Each agency head shall establish and
maintain a system of accounting for special
access programs consistent with directives
issued pursuant to this order.

(3) Special access programs shall be
subject to the oversight program
established under section 5.6(c) of this
order. In addition, the Director of the
Information Security Oversight Office shall
be afforded access to these programs,
in accordance with the security
requirements of each program, in order to
perform the functions assigned to the
Information Security Oversight Office under
this order. An agency head may limit
access to a special access program to the
Director and no more than one other
employee of the Information Security
Oversight Office; or, for special access
programs that are extraordinarily sensitive
and vulnerable, to the Director only.

(4) The agency head or principal deputy
shall review annually each special access
program to determine whether it continues
to meet the requirements of this order.

(5) Upon request, an agency shall brief
the Assistant to the President for National
Security Affairs, or his or her designee,
on any or all of the agency's special
access programs.

(c) Within 180 days after the effective date of this order, each
agency head or principal deputy shall review all existing special access
programs under the agency's jurisdiction. These officials shall
terminate any special access programs that do not clearly meet the
provisions of this order. Each existing special access program that an
agency head or principal deputy validates shall be treated as if it were
established on the effective date of this order.

(d) Nothing in this order shall supersede any requirement made by
or under 10 U.S.C. 119.

Sec. 4.5. Access by Historical Researchers and Former Presidential
Appointees. (a) The requirement in section 4.2(a)(3) of this order that
access to classified information may be granted only to individuals who
have a need-to-know the information may be waived for persons who:

(1) are engaged in historical research
projects; or

(2) previously have occupied policy-making
positions to which they were appointed by
the President.

(b) Waivers under this section may be granted only if the agency
head or senior agency official of the originating agency:

(1) determines in writing that access is
consistent with the interest of national
security;

(2) takes appropriate steps to protect
classified information from unauthorized
disclosure or compromise, and ensures that
the information is safeguarded in a manner
consistent with this order; and

(3) limits the access granted to former
Presidential appointees to items that the
person originated, reviewed, signed, or
received while serving as a Presidential
appointee.

PART 5 IMPLEMENTATION AND REVIEW

Sec. 5.1. Definitions. For purposes of this order: (a)
"Self-inspection" means the internal review and evaluation of individual
agency activities and the agency as a whole with respect to the
implementation of the program established under this order and its
implementing directives.

(b) "Violation" means:

(1) any knowing, willful, or negligent
action that could reasonably be expected to
result in an unauthorized disclosure of
classified information;

(2) any knowing, willful, or negligent
action to classify or continue the
classification of information contrary to
the requirements of this order or its
implementing directives; or

(3) any knowing, willful, or negligent
action to create or continue a special
access program contrary to the requirements
of this order.

(c) "Infraction" means any knowing, willful, or negligent action
contrary to the requirements of this order or its implementing
directives that does not comprise a "violation," as defined above.

Sec. 5.2. Program Direction. (a) The Director of the Office of
Management and Budget, in consultation with the Assistant to the
President for National Security Affairs and the co-chairs of the
Security Policy Board, shall issue such directives as are necessary to
implement this order. These directives shall be binding upon the
agencies. Directives issued by the Director of the Office of Management
and Budget shall establish standards for:

(1) classification and marking principles;

(2) agency security education and training
programs;

(3) agency self-inspection programs; and

(4) classification and declassification
guides.

(b) The Director of the Office of Management and Budget shall
delegate the implementation and monitorship functions of this program to
the Director of the Information Security Oversight Office.

(c) The Security Policy Board, established by a Presidential
Decision Directive, shall make a recommendation to the President
through the Assistant to the President for National Security Affairs
with respect to the issuance of a Presidential directive on
safeguarding classified information. The Presidential directive shall
pertain to the handling, storage, distribution, transmittal, and
destruction of and accounting for classified information.

Sec. 5.3. Information Security Oversight Office. (a) There is
established within the Office of Management and Budget an Information
Security Oversight Office. The Director of the Office of Management and
Budget shall appoint the Director of the Information Security Oversight
Office, subject to the approval of the President.

(b) Under the direction of the Director of the Office of Management
and Budget acting in consultation with the Assistant to the President
for National Security Affairs, the Director of the Information Security
Oversight Office shall:

(1) develop directives for the
implementation of this order;

(2) oversee agency actions to ensure
compliance with this order and its
implementing directives;

(3) review and approve agency implementing
regulations and agency guides for
systematic declassification review prior to
their issuance by the agency;

(4) have the authority to conduct on-site
reviews of each agency's program
established under this order, and to
require of each agency those reports,
information, and other cooperation that may
be necessary to fulfill its
responsibilities. If granting access to
specific categories of classified
information would pose an exceptional
national security risk, the affected agency
head or the senior agency official shall
submit a written justification recommending
the denial of access to the Director of
the Office of Management and Budget within
60 days of the request for access. Access
shall be denied pending a prompt decision
by the Director of the Office of Management
and Budget, who shall consult on this
decision with the Assistant to the
President for National Security Affairs;

(5) review requests for original
classification authority from agencies or
officials not granted original
classification authority and, if deemed
appropriate, recommend Presidential
approval through the Director of the Office
of Management and Budget;

(6) consider and take action on complaints
and suggestions from persons within or
outside the Government with respect to the
administration of the program established
under this order;

(7) have the authority to prescribe, after
consultation with affected agencies,
standardization of forms or procedures that
will promote the implementation of the
program established under this order;

(8) report at least annually to the
President on the implementation of this
order; and

(9) convene and chair interagency meetings
to discuss matters pertaining to the
program established by this order.

(1) There is established an Interagency
Security Classification Appeals Panel
("Panel"). The Secretaries of State and
Defense, the Attorney General, the Director
of Central Intelligence, the Archivist of
the United States, and the Assistant to the
President for National Security Affairs
shall each appoint a senior level
representative to serve as a member of the
Panel. The President shall select the
Chair of the Panel from among the Panel
members.

(2) A vacancy on the Panel shall be filled
as quickly as possible as provided in
paragraph (1), above.

(3) The Director of the Information
Security Oversight Office shall serve as
the Executive Secretary. The staff of the
Information Security Oversight Office shall
provide program and administrative support
for the Panel.

(4) The members and staff of the Panel
shall be required to meet eligibility for
access standards in order to fulfill the
Panel's functions.

(5) The Panel shall meet at the call of
the Chair. The Chair shall schedule
meetings as may be necessary for the Panel
to fulfill its functions in a timely
manner.

(6) The Information Security Oversight
Office shall include in its reports to the
President a summary of the
Panel's activities.

(b) Functions. The Panel shall:

(1) decide on appeals by persons who have
filed classification challenges under
section 1.9 of this order;

(2) approve, deny, or amend agency
exemptions from automatic declassification
as provided in section 3.4 of this order;
and

(3) decide on appeals by persons or
entities who have filed requests for
mandatory declassification review under
section 3.6 of this order.

(c) Rules and Procedures. The Panel shall issue bylaws, which
shall be published in the Federal Register no later than 120 days from
the effective date of this order. The bylaws shall establish the rules
and procedures that the Panel will follow in accepting, considering, and
issuing decisions on appeals. The rules and procedures of the Panel
shall provide that the Panel will consider appeals only on actions in
which: (1) the appellant has exhausted his or her administrative
remedies within the responsible agency; (2) there is no current action
pending on the issue within the federal courts; and (3) the information
has not been the subject of review by the federal courts or the Panel
within the past 2 years.

(d) Agency heads will cooperate fully with the Panel so that it
can fulfill its functions in a timely and fully informed manner. An
agency head may appeal a decision of the Panel to the President
through the Assistant to the President for National Security Affairs.
The Panel will report to the President through the Assistant to the
President for National Security Affairs any instance in which it
believes that an agency head is not cooperating fully with the Panel.

(e) The Appeals Panel is established for the sole purpose of
advising and assisting the President in the discharge of his
constitutional and discretionary authority to protect the national
security of the United States. Panel decisions are committed to the
discretion of the Panel, unless reversed by the President.

Sec. 5.5. Information Security Policy Advisory Council. (a)
Establishment. There is established an Information Security Policy
Advisory Council ("Council"). The Council shall be composed of seven
members appointed by the President for staggered terms not to exceed 4
years, from among persons who have demonstrated interest and expertise
in an area related to the subject matter of this order and are not
otherwise employees of the Federal Government. The President shall
appoint the Council Chair from among the members. The Council shall
comply with the Federal Advisory Committee Act, as amended, 5 U.S.C.
App. 2.

(b) Functions. The Council shall:

(1) advise the President, the Assistant to
the President for National Security
Affairs, the Director of the Office of
Management and Budget, or such other
executive branch officials as it deems
appropriate, on policiesestablished under this order
or its implementing directives, including
recommended changes to those policies;

(c) Meetings. The Council shall meet at least twice each calendar
year, and as determined by the Assistant to the President for National
Security Affairs or the Director of the Office of Management and Budget.

(d) Administration.

(1) Each Council member may be compensated
at a rate of pay not to exceed the daily
equivalent of the annual rate of basic pay
in effect for grade GS-18 of the general
schedule under section 5376 of title 5,
United States Code, for each day during
which that member is engaged in the actual
performance of the duties of the Council.

(2) While away from their homes or regular
place of business in the actual performance
of the duties of the Council, members may
be allowed travel expenses, including per
diem in lieu of subsistence, as authorized
by law for persons serving intermittently
in the Government service (5 U.S.C.
5703(b)).

(3) To the extent permitted by law and
subject to the availability of funds, the
Information Security Oversight Office shall
provide the Council with administrative
services, facilities, staff, and other
support services necessary for
the performance of its functions.

(4) Notwithstanding any other Executive
order, the functions of the
President under the Federal
Advisory Committee Act, as
amended, that are applicable to
the Council, except that of
reporting to the Congress, shall
be performed by the Director of
the Information Security
Oversight Office in accordance
with the guidelines and
procedures established by the
General Services Administration.

Sec. 5.6. General Responsibilities. Heads of agencies that
originate or handle classified information shall: (a) demonstrate
personal commitment and commit senior management to the successful
implementation of the program established under this order;

(b) commit necessary resources to the effective implementation of
the program established under this order; and

(c) designate a senior agency official to direct and administer the
program, whose responsibilities shall include:

(1) overseeing the agency's program
established under this order, provided, an
agency head may designate a separate
official to oversee special access programs
authorized under this order. This official
shall provide a full accounting of the
agency's special access programs at least
annually;

(2) promulgating implementing regulations,
which shall be published in the Federal
Register to the extent that they affect
members of the public;

(4) establishing and maintaining an
ongoing self-inspection program, which
shall include the periodic review
and assessment of the agency's classified
product;

(5) establishing procedures to prevent
unnecessary access to classified
information, including procedures that:
(i) require that a need for access to
classified information is established
before initiating administrative clearance
procedures; and (ii) ensure that the number
of persons granted access to classified
information is limited to the minimum
consistent with operational and security
requirements and needs;

(6) developing special contingency plans
for the safeguarding of classified
information used in or near hostile or
potentially hostile areas;

(7) assuring that the performance contract
or other system used to rate civilian or
military personnel performance includes the
management of classified information as a
critical element or item to be evaluated in
the rating of: (i) original classification
authorities; (ii) security managers or
security specialists; and (iii) all other
personnel whose duties significantly
involve the creation or handling of
classified information;

(8) accounting for the costs associated
with the implementation of this order,
which shall be reported to the Director of
the Information Security Oversight Office
for publication; and

(9) assigning in a prompt manner agency
personnel to respond to any request,
appeal, challenge, complaint, or suggestion
arising out of this order that pertains to
classified information that originated in a
component of the agency that no longer
exists and for which there is no clear
successor in function.

Sec. 5.7. Sanctions. (a) If the Director of the Information
Security Oversight Office finds that a violation of this order or its
implementing directives may have occurred, the Director shall make a
report to the head of the agency or to the senior agency official so
that corrective steps, if appropriate, may be taken.

(b) Officers and employees of the United States Government, and its
contractors, licensees, certificate holders, and grantees shall be
subject to appropriate sanctions if they knowingly, willfully, or
negligently:

(1) disclose to unauthorized persons
information properly classified under this
order or predecessor orders;

(2) classify or continue the
classification of information in violation
of this order or any implementing
directive;

(3) create or continue a special access
program contrary to the requirements of
this order; or

(4) contravene any other provision of this
order or its implementing directives.

(c) Sanctions may include reprimand, suspension without pay,
removal, termination of classification authority, loss or denial of
access to classified information, or other sanctions in accordance with
applicable law and agency regulation.

(d) The agency head, senior agency official, or other supervisory
official shall, at a minimum, promptly remove the classification
authority of any individual who demonstrates reckless disregard or a
pattern of error in applying the classification standards of this order.

(e) The agency head or senior agency official shall:

(1) take appropriate and prompt corrective
action when a violation or infraction under
paragraph (b), above, occurs; and

(2) notify the Director of the Information
Security Oversight Office when a violation
under paragraph (b)(1), (2) or (3), above,
occurs.

PART 6 GENERAL PROVISIONS

Sec. 6.1. General Provisions. (a) Nothing in this order shall
supersede any requirement made by or under the Atomic Energy Act of
1954, as amended, or the National Security Act of 1947, as amended.
"Restricted Data" and "Formerly Restricted Data" shall be handled,
protected, classified, downgraded, and declassified in conformity with
the provisions of the Atomic Energy Act of 1954, as amended, and
regulations issued under that Act.

(b) The Attorney General, upon request by the head of an agency or
the Director of the Information Security Oversight Office, shall render
an interpretation of this order with respect to any question arising in
the course of its administration.

(c) Nothing in this order limits the protection afforded any
information by other provisions of law, including the exemptions to the
Freedom of Information Act, the Privacy Act, and the National Security
Act of 1947, as amended. This order is not intended, and should not be
construed, to create any right or benefit, substantive or procedural,
enforceable at law by a party against the United States, its agencies,
its officers, or its employees. The foregoing is in addition to the
specific provisos set forth in sections 1.2(b), 3.2(b) and 5.4(e) of
this order.

(d) Executive Order No. 12356 of April 6, 1982, is revoked as of
the effective date of this order.

Sec. 6.2. Effective Date. This order shall become effective 180
days from the date of this order.